Security Alert

Phishing Alert – Jan. 20

Monday, Jan. 20, 2019, many UA students received a phishing email with the subject “STUDENT EMPLOYMENT” This email is a scam attempt, not a legitimate job opportunity. 

Remember to notice the red flags of phishing emails. Look at the from email address of the email, and hover over links before you click to see the web address.

If you did receive an email like this, and you did provide any sensitive information, please contact the IT Service Desk at 205-348-5555 or itsd@ua.edu.

Microsoft Vulnerabilities

Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution.

Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

January 14, Microsoft released patches to address these vulnerabilities. OIT will be pushing patches to OIT-supported servers, applications and workstations in the coming days.

Phishing Alert – Jan. 11

Saturday, Jan. 11, 2019, many UA students received a phishing email with the subject “STUDENT INTERNSHIP” This email is a scam attempt, not a legitimate job opportunity. 

Remember to notice the red flags of phishing emails. Look at the from email address of the email, and hover over links before you click to see the web address.

If you did receive an email like this, and you did provide any sensitive information, please contact the IT Service Desk at 205-348-5555 or itsd@ua.edu.

Phishing Alert – Jan. 7

Tuesday, Jan. 7, 2019, many UA students received a phishing email with the subject “ALABAMA PART TIME JOB OFFER FOR STUDENTS” This email is a scam attempt, not a legitimate job opportunity. 

Remember to notice the red flags of phishing emails. Look at the from email address of the email, and hover over links before you click to see the web address.

If you did receive an email like this, and you did provide any sensitive information, please contact the IT Service Desk at 205-348-5555 or itsd@ua.edu.

Phishing Alert – Dec. 25

Wednesday, Dec. 25, 2019, many UA students received a phishing email with the subject “PART TIME JOB VACANCY!!” This email is a scam attempt, not a legitimate job opportunity.  

Remember to notice the red flags of phishing emails. Look at the from email address of the email, and hover over links before you click to see the web address.

If you did receive an email like this, and you did provide any sensitive information, please contact the IT Service Desk at 205-348-5555 or itsd@ua.edu.

Phishing Alert – Nov. 18

Monday, Nov. 18, 2019, many UA students received phishing emails with the subject lines “UA Internship 2019” “FEW OPENINGS AVAILABLE” and “Student Internship OR WORK-STUDY EMPLOYMENT OPPORTUNITY” These emails are scam attempts designed to steal myBama usernames and passwords.

Remember to notice the red flags of phishing emails.

  1. Look at the from email address of the email. All official UA emails should derive from an @ua.edu email address.
  2. Hover over links and attachments in emails before you click. When hovering, a bubble will appear showing you the address of the link or attachment. This works on your mobile device too. Simply hold your finger on the link to see the URL.
  3. Watch out for grammar and spelling errors. Official correspondence should be free of mistakes.   

Learn additional security tips on the OIT website.

Phishing Alert – Nov. 14

Thursday, Nov. 14, 2019, many UA students received a phishing email with the subject “Important Midterm Progress Rating”. This email is a scam attempt designed to steal myBama usernames and passwords.

Remember to notice the red flags of phishing emails. Look at the from email address of the email, and hover over links before you click to see the web address.

If you did receive an email like this, and you did provide any sensitive information, please contact the IT Service Desk at 205-348-5555 or itsd@ua.edu.

Phishing Alert – Nov. 13

Wednesday, Nov. 13, many UA employees received phishing emails from a compromised UA account. Emails had various subject lines including “need to earn some extra money”, “Job Notice”, “Announcement”, and “Offer”.

This email derived from a compromised UA account. Please remember that The University of Alabama does not send out these types of messages. If you haven’t already, please delete the email.

If you did receive the email, and you did click on the link in the email to provide your username, password or other sensitive data, please please promptly change your myBama password. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu.

Phishing Attempt – Nov. 12

Tuesday, Nov. 12, 2019, many UA students received a phishing email with the subject “University of Alabama ( Crimson)Work-Study Employment” This email is a scam attempt.

Remember to notice the red flags of phishing emails. Look at the from email address of the email, and hover over links before you click to see the web address.

If you did receive an email like this, and you did provide any sensitive information, please contact the IT Service Desk at 205-348-5555 or itsd@ua.edu.

DUO Phone Call Issues

DUO is currently experiencing issues with the phone call authentication method – see https://status.duo.com/ for details. 

Until this issue is resolved, please remember other authentication methods are available.  

  1. Push notifications via DUO mobile app. – If you have the DUO mobile app installed, select to receive push notifications.
  2. Passcodes via DUO mobile app – If you have the DUO mobile app installed, you can receive a single passcode by tapping the University of Alabama logo in the mobile app. This code must be used immediately.
  3. Passcodes via SMS – Users can receive a batch of one-time use codes via text message. You can request these by logging into your myBama as you typically would. Once you received the DUO prompt, you can click Enter Passcode, then click on the blue button “Text me new codes.”  These codes do not expire, and they are valid until used.
  4. Online-Generated Temporary Passcodes – If you do not have your device with you, you can obtain temporary passcodes. Each of the passcodes can only be used once, and will expire after 72 hours. Visit our self-service page to generate these passcodes.

If you have any questions or concerns, please contact our IT Service Desk at 205-348-5555, itsd@ua.edu.